openembedded-core.git/meta/recipes-support/curl, branch uninative-1.4 Mirror of openembedded-core curl: upgrade to 7.50.1 2016-08-17T09:33:35+00:00 Ross Burton ross.burton@intel.com 2016-08-12T10:26:15+00:00 62157e2b31c206be40f95574bb205dae5e8e4b68 This fixes 3 CVES: CVE-2016-5419 CVE-2016-5420 CVE-2016-5421 Signed-off-by: Ross Burton <ross.burton@intel.com> 
This fixes 3 CVES:

CVE-2016-5419
CVE-2016-5420
CVE-2016-5421

Signed-off-by: Ross Burton <ross.burton@intel.com>
curl: upgrade to 7.50.0 2016-08-10T08:36:19+00:00 Fan Xin fan.xin@jp.fujitsu.com 2016-08-03T06:16:40+00:00 638e648fdcba2f2a4fdf53747290a9a98ea0a86e Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
curl: upgrade to 7.49.1 2016-06-14T11:56:30+00:00 Chen Qi Qi.Chen@windriver.com 2016-06-12T02:21:04+00:00 53761f4f2d4b8463bf9f996a87ee0dc61e21a2d0 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
curl: add krb5 to PACKAGECONFIG 2016-05-06T09:30:58+00:00 Roy Li rongqing.li@windriver.com 2016-04-26T05:13:01+00:00 78811b6e608452a3137df6ed2346c69d42d8fd27 krb5 is needed to enables GSS-Negotiate authentication Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
krb5 is needed to enables GSS-Negotiate authentication

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
meta: remove redundant ac_cv_sizeof_off_t assignments 2016-04-11T20:56:28+00:00 Ross Burton ross.burton@intel.com 2016-04-11T19:49:23+00:00 1485d7cae88adb3575c6eaa47784fe50820d2740 ac_cv_sizeof_off_t was previously in the site cache files, which was breaking large file support and required a workaround in each recipe that actually wanted to use large files. Now that the entry has been removed from the site cache, we can remove the workarounds. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
ac_cv_sizeof_off_t was previously in the site cache files, which was breaking
large file support and required a workaround in each recipe that actually wanted
to use large files.

Now that the entry has been removed from the site cache, we can remove the
workarounds.

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
curl: re-enable proxy support by default 2016-02-18T22:55:11+00:00 Andre McCurdy armccurdy@gmail.com 2016-02-17T21:35:37+00:00 dfb0064fb16eba1446b8f3db13e0b8b3b4764481 Proxy support is a feature, so should not have been disabled in the previous commit (which disabled support for legacy protocols): http://git.openembedded.org/openembedded-core/commit/?id=b26634900d487a22eef41e9e077d35fb347d4c29 Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Proxy support is a feature, so should not have been disabled in
the previous commit (which disabled support for legacy protocols):

  http://git.openembedded.org/openembedded-core/commit/?id=b26634900d487a22eef41e9e077d35fb347d4c29

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
curl: add PACKAGECONFIG options for less common / legacy protocols 2016-02-11T22:32:17+00:00 Andre McCurdy armccurdy@gmail.com 2016-02-10T18:58:02+00:00 b26634900d487a22eef41e9e077d35fb347d4c29 As a result of this commit, the following protocols will now be disabled by default: DICT GOPHER IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP Also add a PACKAGECONFIG option for libidn (previously disabled unconditionally). Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
As a result of this commit, the following protocols will now be
disabled by default:

  DICT GOPHER IMAP IMAPS POP3 POP3S RTSP SMTP SMTPS TELNET TFTP

Also add a PACKAGECONFIG option for libidn (previously disabled
unconditionally).

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
curl: drop obsolete pkgconfig_fix.patch 2016-02-11T12:27:28+00:00 Andre McCurdy armccurdy@gmail.com 2016-02-09T19:02:06+00:00 27837df35db57f50b8fa7f7c6b3f2e400205deb9 This patch has been carried around in oe-core for a long time. It contains two unrelated changes and neither seem to be required any more. Drop the patch. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
This patch has been carried around in oe-core for a long time.
It contains two unrelated changes and neither seem to be required
any more. Drop the patch.

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
curl: update 7.47.0 -> 7.47.1 2016-02-11T12:27:26+00:00 Andre McCurdy armccurdy@gmail.com 2016-02-08T22:49:18+00:00 0ab2c3b105fe92efbc814a3985879996932878c6 Adjust LIC_FILES_CHKSUM beginline due to changes to the Copyright to acknowledge additional contributors. No change to the license text. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Adjust LIC_FILES_CHKSUM beginline due to changes to the Copyright to
acknowledge additional contributors. No change to the license text.

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 ) 2016-01-29T18:14:58+00:00 Andre McCurdy armccurdy@gmail.com 2016-01-28T21:31:38+00:00 6600190d7efb69dd5121b9ca082ad4c0dbc5e17e Full changelog: http://curl.haxx.se/changes.html#7_47_0 Security fixes: http://curl.haxx.se/docs/vulnerabilities.html CVE-2016-0754 : remote file name path traversal in curl tool for Windows CVE-2016-0755 : NTLM credentials not-checked for proxy connection re-use Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Full changelog: http://curl.haxx.se/changes.html#7_47_0
Security fixes: http://curl.haxx.se/docs/vulnerabilities.html

CVE-2016-0754 : remote file name path traversal in curl tool for Windows
CVE-2016-0755 : NTLM credentials not-checked for proxy connection re-use

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>